After the first CVSS 10.0 vulnerability in Ivanti Endpoint Manager Mobile (EPMM) in July, the BSI is now warning of another 10.0 vulnerability. This time, the vulnerability, CVE-2023-35082, affects all versions of EPMM. A script to close the vulnerability is available. However: old versions can no longer be protected!
After the Federal Office for Information Security (BSI) warned in July of a vulnerability in Endpoint Manager Mobile (EPMM, formerly MobileIron Core), the manufacturer Ivanti has now published information about another vulnerability. It is listed under the Common Vulnerabilities and Exposures (CVE) number CVE-2023-35082 and again has a CVSS score of 10.0, making it critical.
Authentication bypass possible again
While only older versions of EPMM were listed as affected by the first vulnerability, CVE-2023-35082 now affects all versions across the board. The vulnerability is similar to the recently discovered and actively exploited vulnerability CVE-2023-35078. It enables an unauthenticated attacker on the Internet to access the API endpoints (authentication bypass). Access to the API can be used to obtain personal information such as names, phone numbers and other details, or to make limited configuration changes. This is how the BSI explains it in its current security warning (PDF).
Update script can only be used for new versions!
For the affected product versions of EPMM or MobileIron Core 11.10 to 11.3, Ivanti provides a script to close the vulnerability. No mitigation measure is available for end-of-life versions 11.2 and lower. It is therefore necessary to update to a newer version, preferably 11.10. A customer login is required for extended information on the Ivanti website.
More at Ivanti.com